Upgrading to GitLab 11.11.0.

Commit 818da0c5 authored by Michael Gilbert's avatar Michael Gilbert

release 56.0.2924.76-1~deb8u1

parent ad846f3e
chromium-browser (56.0.2924.76-1~deb8u1) jessie-security; urgency=medium
* New upstream stable release:
- CVE-2017-5007: Universal XSS in Blink. Credit to Mariusz Mlynski
- CVE-2017-5006: Universal XSS in Blink. Credit to Mariusz Mlynski
- CVE-2017-5008: Universal XSS in Blink. Credit to Mariusz Mlynski
- CVE-2017-5010: Universal XSS in Blink. Credit to Mariusz Mlynski
- CVE-2017-5011: Unauthorised file access in Devtools. Credit to Khalil
Zhani
- CVE-2017-5009: Out of bounds memory access in WebRTC. Credit to Sean
Stanek and Chip Bradford
- CVE-2017-5012: Heap overflow in V8. Credit to Gergely Nagy
- CVE-2017-5013: Address spoofing in Omnibox. Credit to Haosheng Wang
- CVE-2017-5014: Heap overflow in Skia. Credit to sweetchip
- CVE-2017-5015: Address spoofing in Omnibox. Credit to Armin Razmdjou
- CVE-2017-5019: Use after free in Renderer. Credit to Wadih Matar
- CVE-2017-5016: UI spoofing in Blink. Credit to Haosheng Wang
- CVE-2017-5017: Uninitialised memory access in webm video. Credit to
danberm
- CVE-2017-5018: Universal XSS in chrome://apps. Credit to Rob Wu
- CVE-2017-5020: Universal XSS in chrome://downloads. Credit to Rob Wu
- CVE-2017-5021: Use after free in Extensions. Credit to Rob Wu
- CVE-2017-5022: Bypass of Content Security Policy in Blink. Credit to
PKAV Team.
- CVE-2017-5023: Type confusion in metrics. Credit to the UK's National
Cyber Security Centre (NCSC)
- CVE-2017-5026: UI spoofing. Credit to Ronni Skansing
* Fix regression in pulseaudio (closes: #848029).
-- Michael Gilbert <mgilbert@debian.org> Sun, 18 Dec 2016 19:22:51 +0000
chromium-browser (55.0.2883.75-1~deb8u1) jessie-security; urgency=medium
* New upstream stable release:
......
......@@ -14,7 +14,7 @@ author: Michael Gilbert <mgilbert@debian.org>
ld = cxx
--- a/build/config/compiler/BUILD.gn
+++ b/build/config/compiler/BUILD.gn
@@ -407,7 +407,7 @@ config("compiler") {
@@ -401,7 +401,7 @@ config("compiler") {
# clang-cl (used if is_win) doesn't expose this flag.
# Currently disabled for nacl since its toolchain lacks this flag (too old).
# TODO(zforman): Once nacl's toolchain is updated, remove check.
......
......@@ -11,7 +11,7 @@
return false;
--- a/chrome/common/extensions/chrome_extensions_client.h
+++ b/chrome/common/extensions/chrome_extensions_client.h
@@ -57,9 +57,9 @@ class ChromeExtensionsClient : public Ex
@@ -58,9 +58,9 @@ class ChromeExtensionsClient : public Ex
static ChromeExtensionsClient* GetInstance();
private:
......@@ -26,7 +26,7 @@
// list (except in tests) without consulting the Extensions team first.
--- a/services/ui/surfaces/surfaces_context_provider.cc
+++ b/services/ui/surfaces/surfaces_context_provider.cc
@@ -77,7 +77,7 @@ bool SurfacesContextProvider::BindToCurr
@@ -78,7 +78,7 @@ bool SurfacesContextProvider::BindToCurr
gpu::CommandBuffer* command_buffer = command_buffer_proxy_impl_.get();
gles2_helper_.reset(new gpu::gles2::GLES2CmdHelper(command_buffer));
......
......@@ -2,7 +2,7 @@ description: disable the google api key warning when those aren't found
--- a/chrome/browser/ui/startup/startup_browser_creator_impl.cc
+++ b/chrome/browser/ui/startup/startup_browser_creator_impl.cc
@@ -805,8 +805,6 @@ void StartupBrowserCreatorImpl::AddInfoB
@@ -804,8 +804,6 @@ void StartupBrowserCreatorImpl::AddInfoB
if (is_process_startup == chrome::startup::IS_PROCESS_STARTUP &&
!command_line_.HasSwitch(switches::kTestType)) {
chrome::ShowBadFlagsPrompt(browser);
......
description: avoid dependence on gtk3
author: Michael Gilbert <mgilbert@debian.org>
--- a/BUILD.gn
+++ b/BUILD.gn
@@ -362,7 +362,9 @@ group("both_gn_and_gyp") {
if (is_linux && !is_chromeos && !is_chromecast && !use_ozone) {
# TODO(thomasanderson): Remove this once we build using
# GTK3 by default. (crbug.com/132847, crbug.com/79722)
+ if (use_gtk3) {
deps += [ "//chrome/browser/ui/libgtkui:libgtk3ui" ]
+ }
}
if (use_ozone) {
--- a/chrome/browser/ui/libgtkui/BUILD.gn
+++ b/chrome/browser/ui/libgtkui/BUILD.gn
@@ -135,6 +135,7 @@ component("libgtk2ui") {
]
}
+if (use_gtk3) {
component("libgtk3ui") {
sources = common_sources
configs += common_configs
@@ -148,3 +149,4 @@ component("libgtk3ui") {
"//chrome/browser:theme_properties",
]
}
+}
......@@ -24,7 +24,7 @@ Include system copy of prtime.h
namespace base {
--- a/tools/gn/bootstrap/bootstrap.py
+++ b/tools/gn/bootstrap/bootstrap.py
@@ -467,7 +467,6 @@ def write_gn_ninja(path, root_gen_dir, o
@@ -466,7 +466,6 @@ def write_gn_ninja(path, root_gen_dir, o
'base/third_party/dmg_fp/dtoa_wrapper.cc',
'base/third_party/dmg_fp/g_fmt.cc',
'base/third_party/icu/icu_utf.cc',
......@@ -32,7 +32,7 @@ Include system copy of prtime.h
'base/threading/non_thread_safe_impl.cc',
'base/threading/post_task_and_reply_impl.cc',
'base/threading/sequenced_task_runner_handle.cc',
@@ -567,7 +566,7 @@ def write_gn_ninja(path, root_gen_dir, o
@@ -566,7 +565,7 @@ def write_gn_ninja(path, root_gen_dir, o
}
if is_linux:
......@@ -43,7 +43,7 @@ Include system copy of prtime.h
static_libraries['xdg_user_dirs'] = {
--- a/base/BUILD.gn
+++ b/base/BUILD.gn
@@ -52,6 +52,9 @@ config("base_flags") {
@@ -49,6 +49,9 @@ config("base_flags") {
"-Wno-char-subscripts",
]
}
......@@ -53,7 +53,7 @@ Include system copy of prtime.h
}
config("base_implementation") {
@@ -823,8 +826,6 @@ component("base") {
@@ -833,8 +836,6 @@ component("base") {
"third_party/dmg_fp/g_fmt.cc",
"third_party/icu/icu_utf.cc",
"third_party/icu/icu_utf.h",
......
description: use correct argument type for jessie's png12
author: Michael Gilbert <mgilbert@debian.org>
--- a/third_party/WebKit/Source/platform/image-decoders/png/PNGImageDecoder.cpp
+++ b/third_party/WebKit/Source/platform/image-decoders/png/PNGImageDecoder.cpp
@@ -65,7 +65,7 @@ inline sk_sp<SkColorSpace> readColorSpac
png_charp name = nullptr;
int compression = 0;
- png_bytep profile = nullptr;
+ png_charp profile = nullptr;
png_uint_32 length = 0;
if (png_get_iCCP(png, info, &name, &compression, &profile, &length)) {
return SkColorSpace::MakeICC(profile, length);
description: add ps printing capability
author: Salvatore Bonaccorso
--- a/chrome/browser/ui/libgtk2ui/print_dialog_gtk2.cc
+++ b/chrome/browser/ui/libgtk2ui/print_dialog_gtk2.cc
@@ -346,6 +346,7 @@ void PrintDialogGtk2::ShowDialog(
--- a/chrome/browser/ui/libgtkui/print_dialog_gtk.cc
+++ b/chrome/browser/ui/libgtkui/print_dialog_gtk.cc
@@ -348,6 +348,7 @@ void PrintDialogGtk2::ShowDialog(
// Since we only generate PDF, only show printers that support PDF.
// TODO(thestig) Add more capabilities to support?
GtkPrintCapabilities cap = static_cast<GtkPrintCapabilities>(
......
......@@ -13,5 +13,9 @@ third-party-cookies-off-by-default.patch
ps-print.patch
chromedriver-revision.patch
skia.patch
webui.patch
gtk2.patch
webrtc.patch
webkit.patch
png12.patch
description: avoid a clang 4.0 compiler intrinsic
author: Michael Gilbert <mgilbert@debian.org>
--- a/third_party/skia/src/opts/SkRasterPipeline_opts.h
+++ b/third_party/skia/src/opts/SkRasterPipeline_opts.h
@@ -40,8 +40,10 @@ static inline void SK_VECTORCALL stage_1
Sk4f r, Sk4f g, Sk4f b, Sk4f a,
Sk4f dr, Sk4f dg, Sk4f db, Sk4f da) {
#if defined(__clang__)
+#if __has_builtin(__builtin_assume)
__builtin_assume(tail > 0); // This flourish lets Clang compile away any tail==0 code.
#endif
+#endif
kernel(st->ctx<void*>(), x,tail, r,g,b,a, dr,dg,db,da);
if (kCallNext) {
st->next(x,tail, r,g,b,a, dr,dg,db,da);
......@@ -3,7 +3,7 @@ Author: Chad Miller <chad.miller@canonical.com>
--- a/components/content_settings/core/browser/cookie_settings.cc
+++ b/components/content_settings/core/browser/cookie_settings.cc
@@ -82,7 +82,7 @@ void CookieSettings::GetCookieSettings(
@@ -83,7 +83,7 @@ void CookieSettings::GetCookieSettings(
void CookieSettings::RegisterProfilePrefs(
user_prefs::PrefRegistrySyncable* registry) {
registry->RegisterBooleanPref(
......
description: fix clang uninitialized const member error
author: Michael Gilbert <mgilbert@debian.org>
--- a/third_party/WebKit/Source/modules/indexeddb/IDBTransaction.cpp
+++ b/third_party/WebKit/Source/modules/indexeddb/IDBTransaction.cpp
@@ -133,6 +133,7 @@ IDBTransaction::IDBTransaction(Execution
m_database(db),
m_openDBRequest(openDBRequest),
m_mode(WebIDBTransactionModeVersionChange),
+ m_scope(),
m_state(Inactive),
m_oldDatabaseMetadata(oldMetadata) {
DCHECK(m_database);
description: fix unique_ptr casting problem detected by clang
author: Michael Gilbert <mgilbert@debian.org>
--- a/third_party/webrtc/modules/desktop_capture/screen_capturer_x11.cc
+++ b/third_party/webrtc/modules/desktop_capture/screen_capturer_x11.cc
@@ -407,12 +407,12 @@ std::unique_ptr<DesktopCapturer> Desktop
if (!options.x_display())
return nullptr;
- std::unique_ptr<ScreenCapturerLinux> capturer(new ScreenCapturerLinux());
- if (!capturer.get()->Init(options)) {
+ ScreenCapturerLinux *capturer = new ScreenCapturerLinux();
+ if (!capturer->Init(options)) {
return nullptr;
}
- return capturer;
+ return std::unique_ptr<DesktopCapturer>(capturer);
}
} // namespace webrtc
......@@ -43,8 +43,7 @@ defines+=is_debug=false \
# enabled features
defines+=use_gio=true \
use_gold=true \
use_pulseaudio=false \
link_pulseaudio=false \
use_pulseaudio=true \
proprietary_codecs=true \
ffmpeg_branding=\"Chrome\" \
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment